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REMARKS 

Applicants reply to the Final Office Action dated July 31, 2008, within two months. 
Accordingly, Applicants request an Advisory Action, if necessary. The Examiner rejects all pending 
claims 5, 7-12 and 51-57. Applicants cancel claim 7 without prejudice or disclaimer to filing one or 
more claims having similar subject matter. Support for the amendments may be found in the 
originally-filed specification, claims, and figures. No new matter has been introduced by these 
amendments. Applicants respectfully request reconsideration of the pending claims. 

Applicants thank the Examiner for the interview held with Applicants' patent attorney David 
Nigro on August 14, 2008. Applicants also thank the Examiner for acknowledging that the cited 
references do not disclose or contemplate "at least one of editing and removing at least a portion of 
said executable commands such that said executable commands still remain in said trusted portion, but 
cannot be executed by said network client," as recited in amended independent claims 5 and 57, and 
that such a claim is supported by the present specification. 

It appears from the outstanding Office Action that the Examiner did not consider the editing 
clause when analyzing the cited references in light of the pending rejection based on 35 U.S.C. § 112, 
first paragraph. Applicants respectfully request that the Examiner re-analyze the cited references in 
light of all of the pending claim elements which are adequately supported by the specification, as set 
forth below. 

Rejection based on 35 U.S.C. § 112, first paragraph 

Claims 5, 7-12, 51-57 

The Examiner rejects claims 5, 7-12, 51-57 as failing to comply with the written description 
requirement of 35 U.S.C. § 112, first paragraph. In particular, the Examiner believes that there is no 
support for "editing at least a portion of said executable commands such that said executable 
commands still remain in said trusted portion, but cannot be executed by said network client." 
Applicants respectfully traverse this rejection as set forth below. 

Applicants direct the Examiner's attention to, for example, paragraphs [0099], [0101], Figure 
13, and the claims as originally filed on April 9, 2004 of the present specification. Paragraph [0099], 
when referring to Figure 13, discloses that: 

To prevent this potential security problem, various embodiments of the invention 
suitably include techniques for reducing or eliminating undesired executable code. With 
reference to FIG. 13, a process 1300 for reducing the likelihood of script attacks suitably 
includes the steps of limiting the portions of the server having elevated permission (step 1302), 
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removing dangerous characters within that portion of the site (step 1304), encoding 
certain characters where necessary (step 1306), and optionally logging data that is provided 
to users from the relevant portion of the Web site (step 1308). [emphasis added]. 
Paragraph [0101] further discloses that: 

In addition to (or as an alternative to) configuring the client such that the client only 
"trusts" a certain portion of the server, the server may be configured to improve the security of 
the client-server interaction. For example, scripting with heightened trust may be disallowed on 
most of the server to improve security. Moreover, data provided to the trusted portion of the 
Web site may be monitored and/or modified before being returned to the user (steps 1304 
and 1306). Most scripting languages require certain characters for formatting commands. For 
example, the JavaScript language is frequently encoded with script instructions placed between 
angle brackets ("<" and ">"). Hence, the angle brackets may be removed from any content 
that will be returned by a trusted portion of the Web site. If a Web page provided from a 
trusted portion of the Web site were to include a "criminal" JavaScript program attempting to 
use angle brackets, for example, the script instructions would not execute on the user's 
computer because the script instructions would not be properly formatted after removing 
the angle brackets. Alternatively, certain "dangerous" characters (such as the angle brackets in 
JavaScript) may be returned in an alternate format, for example, in "ampersand notation" 
with an ampersand ("&") and an American Standard Code for Information Interchange (ASCII) 
value for the particular character, or by replacing the "dangerous" character with a safe 
character, such as the "space" character (step 1306). It will be appreciated that any characters 
could be eliminated or encoded in various embodiments of the invention depending upon the 
particular languages, scripting environments, and the like that may be utilized, [emphasis 
added]. 

Further still, original claim 6 included, at least, "removing said particular characters such that a 
security risk posed by said selected protocol is reduced" and original claim 7 included, at least, 
"replacing said particular characters with benign characters such that a security risk posed by said 
selected protocol is reduced." 

Applicants respectfully submit that the above portions of the present specification, among 
others, satisfy the written description requirement of 35 U.S.C. § 112. Accordingly, Applicants 
respectfully request that this rejection be withdrawn. 
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Dependent claims 8-12 and 51-56, variously depend from independent claim 5, so Applicants 
assert that dependent claims 8-12 and 51-56 are patentable for at least the same reasons as set forth 
above for independent claim 5, as well as in view of their own respective features. Independent claim 
57 contains similar language as claim 5 and is thus supported by, among other things, the portions of 
the present specification cited above. Accordingly, Applicants respectfully submit that this rejection 
be withdrawn. 

Claim 7 is currently canceled, so Applicants respectfully submit that the rejection of claim 7 is 

moot. 

Rejection based on 35 U.S.C. § 103(a) 

Claims 5, 7-12, 51-57 

The Examiner rejects claims 5, 7-12, 51-57 as unpatentable over U.S. Patent No. 6,473,794 to 
Guheen ("Guheen") in view of U.S. Patent No. 5,913,024 to Green ("Green"). Applicants respectfully 
traverse this rejection as set forth below. 

As discussed in the previous Reply to Office Action filed on April 17, 2008, Guheen discloses 
methods for planning the testing of components of an existing network framework. (See Abstract). 
Guheen teaches the separation of testing environments to prevent unauthorized access. (See columns 
58-59). Green discloses a secure server system and method using a plurality of regions that comprise 
separate networking protocol stacks. (See Abstract, column 7, lines 56-59). Green discloses that, to 
prevent attack, a server application may be executed by a user other than root. (See column 29, line 3). 
Both Guheen and Green discuss computer security issues, including the undesirability of unauthorized 
access to secure systems. 

However, Guheen and Green do not disclose or contemplate, at least, "at least one of editing 
and removing at least a portion of said executable commands such that said executable commands still 
remain in said trusted portion, but cannot be executed by said network client, wherein said editing of 
said executable commands comprises replacing particular characters within said executable 
commands" as recited in the present claim 5. 

Dependent claims 8-12 and 51-56, variously depend from independent claim 5, so Applicants 
assert that dependent claims 8-12 and 51-56 are patentable for at least the same reasons for 
differentiating the independent claim 5, as well as in view of their own respective features. 
Independent claim 57 contains similar language as claim 5. Accordingly, Applicants respectfully 
submit that this rejection be withdrawn. 
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Claim 7 is currently canceled so Applicants respectfully submit that the rejection of claim 7 is 

moot. 



In view of the above remarks and amendments, Applicants respectfully submit that all pending 
claims are allowable over the cited references. Accordingly, Applicants respectfully request allowance 
of the pending claims. The Examiner is invited to telephone the undersigned at the Examiner's 
convenience, if that would help further prosecution of the subject application. The Commissioner is 
hereby authorized to charge any fees, which may be required, or credit any overpayment, to Deposit 
Account No. 19-2814. This statement does NOT authorizexharge of the issue fee . 



SNELL & WILMER L.L.P. 

One Arizona Center, 400 East Van Buren 
Phoenix, AZ 85004-2202 
Phone: (602) 382-6228 / Fax: (602)382-6070 
Email: hsobelman@swlaw.com 



Conclusion 



Date: 




AXP No. 200501530 

9021828 



7 



